Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2023-35898 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-200 4.3 Medium2023-07-19
CVE-2023-30433 IBM Security Verify Access HTTP open redirect — Security Verify Access DockerCWE-601 6.5 Medium2023-07-19
CVE-2023-35012 IBM Db2 code execution — Db2 for Linux, UNIX and WindowsCWE-121 6.7 Medium2023-07-17
CVE-2023-33857 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-200 5.3 Medium2023-07-16
CVE-2023-35901 IBM Robotic Process Automation security bypass — Robotic Process AutomationCWE-287 2.7 Low2023-07-16
CVE-2023-30989 IBM i privilege escalation — iCWE-269 8.4 High2023-07-16
CVE-2023-30988 IBM i privilege escalation — iCWE-269 8.4 High2023-07-16
CVE-2023-28955 IBM Watson Knowledge Catalog denial of service — Watson Knowledge Catalog on Cloud Pak for DataCWE-20 6.5 Medium2023-07-10
CVE-2023-28958 IBM Watson Knowledge Catalog CSV injection — Watson Knowledge Catalog on Cloud Pak for DataCWE-1236 7.0 High2023-07-10
CVE-2023-27540 IBM Watson CP4D Data Stores denial of service — Watson CP4D Data StoresCWE-770 5.9 Medium2023-07-10
CVE-2023-28953 IBM Cognos Analytics on Cloud Pak for Data improper access control — Cognos Analytics Cartridge for Cloud Pak for Data 3.1 Low2023-07-10
CVE-2023-30442 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-20 5.9 Medium2023-07-10
CVE-2023-30431 IBM Db2 buffer overflow — Db2 for Linux, UNIX and WindowsCWE-119 8.4 High2023-07-09
CVE-2023-23487 IBM Db2 audit logging — Db2 for Linux, UNIX and Windows 4.3 Medium2023-07-09
CVE-2023-27558 IBM Db2 privilege escalation — Db2 for Windows 8.4 High2023-07-09
CVE-2023-29256 IBM Db2 information disclosure — Db2 for Linux, UNIX and Windows 5.3 Medium2023-07-09
CVE-2023-27868 IBM Db2 code execution — Db2 for Linux, UNIX and WindowsCWE-94 6.3 Medium2023-07-08
CVE-2023-27867 IBM Db2 code execution — Db2 for Linux, UNIX and WindowsCWE-94 6.3 Medium2023-07-08
CVE-2023-27869 IBM Db2 code execution — Db2 for Linux, UNIX and WindowsCWE-94 6.3 Medium2023-07-08
CVE-2023-30449 IBM Db2 denial of service — DB2 for Linux, UNIX and WindowsCWE-20 7.5 High2023-07-08
CVE-2023-30445 IBM Db2 denial of service — DB2 for Linux, UNIX and WindowsCWE-20 7.5 High2023-07-08
CVE-2023-30448 IBM Db2 denial of service — DB2 for Linux, UNIX and WindowsCWE-20 5.9 Medium2023-07-08
CVE-2023-30446 IBM Db2 denial of service — DB2 for Linux, UNIX and WindowsCWE-20 5.9 Medium2023-07-08
CVE-2023-30447 IBM Db2 denial of service — DB2 for Linux, UNIX and WindowsCWE-20 5.9 Medium2023-07-08
CVE-2021-39014 IBM Cloud Object Storage System cross-site scripting — Cloud Object Storage SystemCWE-79 6.4 Medium2023-07-07
CVE-2023-35890 IBM WebSphere Application Server information disclosure — WebSphere Application ServerCWE-327 5.1 Medium2023-07-07
CVE-2023-30990 IBM i command execution — iCWE-94 8.6 High2023-07-03
CVE-2023-27866 IBM Informix JDBC code execution — Informix JDBCCWE-94 6.3 Medium2023-06-28
CVE-2023-30993 IBM Cloud Pak for Security information disclosure — Cloud Pak for SecurityCWE-200 6.8 Medium2023-06-27
CVE-2023-23468 IBM Robotic Process Automation for Cloud Pak access control — Robotic Process Automation for Cloud Pak 5.1 Medium2023-06-27

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.